svn commit: r357633 - in stable: 11/secure/caroot/blacklisted 12/secure/caroot/blacklisted
Kyle Evans
kevans at FreeBSD.org
Thu Feb 6 18:37:40 UTC 2020
Author: kevans
Date: Thu Feb 6 18:37:38 2020
New Revision: 357633
URL: https://svnweb.freebsd.org/changeset/base/357633
Log:
MFC r357193: caroot: blacklisted: automatically pick up *.pem in the tree
This kind of automagica got picked up in trusted/ prior to the initial
commit, but never got applied over in blacklisted. Ideally no one will be
using blacklisted/ to store arbitrary certs that they don't intend to
blacklist, so we should just install anything that's in here rather than
force consumer to first copy cert into place and then modify the file
listing in the Makefile.
Wise man once say: "it is better to restrict too much, than not enough.
sometimes."
Modified:
stable/12/secure/caroot/blacklisted/Makefile
Directory Properties:
stable/12/ (props changed)
Changes in other areas also in this revision:
Modified:
stable/11/secure/caroot/blacklisted/Makefile
Directory Properties:
stable/11/ (props changed)
Modified: stable/12/secure/caroot/blacklisted/Makefile
==============================================================================
--- stable/12/secure/caroot/blacklisted/Makefile Thu Feb 6 18:04:45 2020 (r357632)
+++ stable/12/secure/caroot/blacklisted/Makefile Thu Feb 6 18:37:38 2020 (r357633)
@@ -2,6 +2,8 @@
BINDIR= /usr/share/certs/blacklisted
-FILES=
+BLACKLISTED_CERTS!= ls ${.CURDIR}/*.pem 2> /dev/null || true
+
+FILES+= ${BLACKLISTED_CERTS}
.include <bsd.prog.mk>
More information about the svn-src-stable
mailing list